Senior Systems Security Engineer and Vulnerability Researcher

San Francisco, USA
Full time
Office
Compensation is not specified
Role
Security Engineer
Description

Job Summary:

We are in search of a skilled Senior Systems Security Engineer & Vulnerability Researcher, with specialized knowledge in OS security, container security, hypervisor security, and process sandboxing. The role necessitates strong offensive security capabilities in detecting and exploiting vulnerabilities, specifically within the Internet Computer (IC) platform and its operation environments.

The ideal candidate will be responsible for in-depth security research, executing vulnerability assessments, developing exploits, and consistently enhancing the security posture of the IC platform.

This role is a combination of onsite and remote work (3 days onsite), situated at our San Francisco office.

Primary Duties:

Hypervisor & Virtualization Security:

  • Investigate and counteract security vulnerabilities in QEMU-based virtualization, VM isolation, and issues related to guest-to-host escape.
  • Evaluate potential attack areas within virtual machines, hypervisors, and inter-VM communication channels.
  • Develop and validate exploitation techniques aiming at vulnerabilities in hypervisors, container escapes, and side-channel leakage.
  • Design and advance secure VM execution models and Trusted Execution Environments (TEEs) utilizing AMD SEV-SNP for enforcing strong VM isolation and safeguarding workloads from compromised hypervisors.

Operating System & Process Isolation Security:

  • Fortify Linux OS security by enhancing process isolation, sandboxing, and syscall filtering.
  • Upgrade Mandatory Access Control (MAC) policies (like SELinux) to enforce enhanced access controls.
  • Research and enhance sandboxing strategies to confine untrusted processes.
  • Identify and mitigate kernel privilege escalation routes, particularly in containerized and virtualized environments.

Vulnerability Research & Exploit Development:

  • Engage in reverse engineering, binary analysis, and fuzzing to uncover vulnerabilities across OS, hypervisor, and VM layers.
  • Develop proof-of-concept (PoC) exploits for validating security threats and recommend mitigation tactics.
  • Critically analyze and enhance secure boot mechanisms, firmware security, and disk encryption strategies in virtualized environments.

Security Strengthening & Mitigations:

  • Collaborate with engineers to outline and implement hypervisor and VM security enhancement strategies.
  • Propose resilient runtime environments aimed at counteracting modern attack methods.
  • Stay updated on emerging threats concerning virtualization security, container security, and OS sandboxing.

Red Team Strategy & Operations:

  • Lead and formulate advanced Red Team initiatives targeting Internet Computer Protocol, governance, subnets, nodes, and system dApps.
  • Develop plans for adversary emulation to assess platform and infrastructure defenses, identifying weaknesses proactively.

Prerequisites:

  • Profound understanding of Linux security internals involving kernel attack surfaces, syscall security, privilege segregation, and process isolation.
  • Expertise in QEMU/KVM security, guest-to-host escapes, hypervisor fortification, and VM isolation methods.
  • Hands-on experience analyzing hypervisor-level attacks, VM evasion tactics, and security measures in virtualization.
  • Familiarity with side-channel vulnerabilities affecting virtualization environments like Spectre, Meltdown, L1TF, MDS.
  • Proficiency in Trusted Execution Environments (TEE) and secure virtualization, emphasizing QEMU and AMD SEV-SNP.
  • Experience with reverse engineering tools (e.g., Ghidra, IDA Pro, Binary Ninja, binwalk) and fuzzing frameworks.
  • Competence in adversary emulation, lateral movement techniques, privilege escalation, and exfiltration practices.
  • Expertise in securing containerized environments, covering Kubernetes security, container fortification, and runtime protection.

Compensation and Benefits:

Base Salary Range: $175,000 - $240,000 per year. Total compensation at DFINITY includes base salary plus bonus, dependent on factors like job level, expertise, educational background, experience, and location.

Inclusive of cash components, we offer comprehensive benefits such as top-tier medical, dental, vision insurance, disability insurance, life insurance, 401(k) plan, flexible PTO policy, and paid holidays.

About DFINITY and the Internet Computer:

DFINITY is at the forefront of advancing the Internet Computer Protocol (ICP), dedicated to bringing the world's compute onto the secure ICP network. Leveraging groundbreaking blockchain technology, ICP enables the creation and operation of a new era of tamper-proof, decentralized web applications. With the capability to run entire AI models within smart contracts, ICP represents a significant leap in secure AI functioning. Through seamless integration with key networks, ICP facilitates multi-chain operations for digital assets and web3.

Join Our Team:

DFINITY, established in 2016 by entrepreneur Dominic Williams, boasts a team of over 250 talented individuals committed to shaping the future of the internet and web3. Our team comprises renowned cryptographers, distributed systems engineers, programming language experts, and industry trailblazers.

DFINITY is an equal opportunity employer.

Skills Required
Avatar
Dfinity
Company size
Not specified
Location
United States
Description
The DFINITY Foundation is a major contributor to the Internet Computer blockchain.

More Full-time Jobs

Show more

CoinCROWD - DevOps Engineer

Bangalore, India +9
Bangalore, India +9
Full time
Remote
DevOps Engineer , RemoteWho we areCoinCROWD is building the future of crypto spending with CROWD Wallet, a secure, user-friendly wallet designed for seamless cryptocurrency transactions in the real world. We’re not just another fintech startup—we’re a bunch of tech nerds, problem solvers, and occasional meme creators who thrive on making things work (and work well!). If you love automation, scalability, and keeping infrastructure costs from burning a hole in the budget, you’re going to fit right in! What you’ll be doingAs our DevOps Engineer, you’ll be the guardian of Google Cloud, the Docker whisperer, and the Prometheus prophet who ensures our infrastructure is rock solid and our monitoring doesn’t just scream“everything is on fire!”Your daily adventures include:✅ Taming the cloud – Managing Google Cloud Platform (GCP) infrastructure like a pro while optimizing costs (because we prefer spending money on cool tech, not unnecessary cloud bills).✅ Containerizing all the things – Wrangling Docker and ensuring deployments don’t turn into "works on my machine" disasters.✅ Keeping an eye on everything – Setting up Prometheus and Grafana, so we catch issues before they catch us.✅ Automating away the pain – Writing scripts, automating tasks, and setting up CI/CD pipelines so deployments are smooth (and don’t require holding hands and praying).✅ Making sure things scale, not fail – Optimizing performance and keeping infrastructure stable, even when traffic spikes like it’s Bitcoin in 2021.✅ Collaborating, not just configuring – Working closely with developers to make sure deployments are seamless and the system runs like a well-oiled crypto machine.What we need from youWe’re looking for a self-motivated, go-getter who thrives in a startup-like environment and embraces feedback like a true DevOps warrior.You’ll be our perfect match if you:• Have 3+ years of experience in DevOps, Cloud Engineering, or a similar role.• Know GCP inside and out—bonus points if you’ve optimized cloud costs before and can proudly talk about it.• Speak fluent Docker and don’t panic when things go wrong in containers.• Are a monitoring guru with Prometheus and Grafana (because logs shouldn’t just be black holes of despair).• Are a CI/CD ninja (Jenkins, GitHub Actions, GitLab CI, or similar).• Believe in "automate or regret later" (and have scripting skills in Bash, Python, or Go to back it up).• Are the kind of person who Googles first, panics later.Bonus points if...• You’ve optimized cloud costs and can explain it without making us cry.• YAML indentation errors have personally victimized you before.• You thrive in fast-paced, high-growth environments (aka "organized chaos").• You once deployed something on a Friday and lived to tell the tale.Want to apply?If DevOps, automation, and cloud cost optimization excite you, and you want to be part of a dynamic, feedback-driven, fun-loving team, we’d love to hear from you!Send your resume to [gaurav@coincrowd.com] and let’s build something amazing together!
1,083-3,833
Monthly
See details

Business Development (Remote)

Full time
Remote
Job Title: Business Development
Job type: Full-time, remoteKey Responsibilities:
1. Develop and execute strategies to grow the derivatives trading user base intarget regions.
2. Build and manage partnerships with institutional clients and key ecosystemplayers.
3. Identify market trends, user needs, and competitor activities to drive productand service enhancements.
4. Collaborate with internal teams to optimize product offerings and campaigns fortarget markets.
Qualifications:
1. Proven experience in business development or sales in the crypto/financialindustry.
2. Strong understanding of derivatives trading and market dynamics.
3. Excellent communication and negotiation skills.
Payment in Crypto
1,500-3,500
Monthly
See details

Venture Fellow (Part-Time, Remote)

Part time
Remote
About Iron Key Capital:
Iron Key Capital is an investment firm specializing in liquid and venture opportunities in the crypto space. We invest in pre-seed and seed-stage Web3 startups focused on enterprise adoption of utility-driven digital assets. Additionally, we operate a blockchain innovation lab and incubate startups within the Web3 infrastructure sector. Backed by 200+ LPs globally, Iron Key deploys over $1M annually.
Role Overview:
The Venture Fellow program is an 8-week, part-time, remote opportunity designed for individuals eager to develop their skills in venture capital and angel investing. Fellows will gain hands-on experience in early-stage investing, including deal sourcing, due diligence, and pitching investment opportunities.
This program is ideal for aspiring investors, founders, or professionals exploring a career shift into venture capital. Fellows will work closely with seasoned venture capitalists and gain access to Iron Key’s investor community to learn best practices in the field.
Key Responsibilities:
Identify and evaluate early-stage investment opportunities in the Web3 ecosystem.
Conduct market research and due diligence on potential investments.
Collaborate with the Iron Key team on deal sourcing and portfolio management.
Engage with investors and team members to develop investment strategies.
Contribute to thought leadership on topics related to venture capital and Web3 innovation.
Qualifications:
Strong analytical and problem-solving skills to evaluate investment opportunities.
Excellent communication and interpersonal skills for engaging with team members and stakeholders.
Experience in Web3, AI, or related technologies is preferred.
Involvement in startups, entrepreneurial ecosystems, or Web3 communities is a plus.
Aspiring to transition into venture capital or professionalize angel investing skills.
Bonus: Previous experience as a founder or working within early-stage startups.
Program Details:
Duration: 8 weeks (part-time)
Location: Remote
Compensation: Competitive, based on experience
How to Apply:
Submit your application through this link:
https://airtable.com/appfCDlkorF5FL3VZ/pagnjuRX1A7gZjBGc/form
Additional Information:
This program is designed to take the guesswork out of breaking into venture capital or professionalizing angel investing. Successful Fellows may have opportunities to advance into Venture Partner or Core Contributor roles at Iron Key.

Founder Fellow

Full time
Remote
Founder Fellow
📍 Remote | 3-Month Contract
🚀 About Iron Key & Iron Key Capital
Iron Key, backed by Iron Key Capital, is a venture community and investment firm focused on liquid and venture opportunities in crypto, Web3, and AI. Our mission is to invest in and support Pre-Seed and Seed-stage startups, equipping founders and investors with the tools and knowledge they need to succeed.
We operate a blockchain innovation lab and incubate startups in venture infrastructure, fintech, IP ownership, and application development. Iron Key Capital is backed by 200+ global LPs, deploying $1M+ annually into emerging opportunities.
📢 The Opportunity: Entrepreneur in Residence (EIR)
We are seeking a technical co-founder or EIR to help bring a newly incubated venture infrastructure product to market. This is a 3-month remote contract role, ideal for builders with Web3 and AI experience who want to launch a company with hands-on support.
Iron Key has developed proprietary AI tools for internal workflows and is exploring opportunities to externalize these as software-based consulting services or standalone software products. As an EIR, you’ll play a critical role in shaping, launching, and scaling these innovations.
🔹 Key Responsibilities
Lead Startup Development – Take an incubated idea from concept to market launch.
Drive Innovation – Bring your own venture idea or work on an existing Iron Key product.
Strategic Execution – Develop and implement growth strategies.
Hands-on AI & Web3 Work – Build and iterate on cutting-edge solutions in AI and blockchain.
Leverage Resources – Work alongside investors, advisors, and a global network to accelerate your startup.
🎯 What We’re Looking For
Proven entrepreneurial experience – Ideally, you’ve built a startup before (even if it failed).
Deep Web3 or AI expertise – Hands-on experience in AI, blockchain, or fintech is a must.
Strong problem-solving mindset – Ability to pivot, adapt, and execute in fast-changing environments.
Leadership & Vision – You’re a self-starter who can drive a business forward.
🔥 Why Join Iron Key?
Founder-Centric Program – Hands-on support to launch a company.
Unmatched Network – Access to top investors, mentors, and builders in crypto and AI.
Long-Term Value – Lifetime membership in the Iron Key community & alumni network.
Fundraising Support – Get exposure to global investors and funding opportunities.
📩 Apply Now
If you're ready to build and scale a new venture, apply here:
👉 https://airtable.com/appfCDlkorF5FL3VZ/paggWhwbIDwnmlzlK/form

Venture Scout

Full time
Remote
Venture Scout (Part-Time, Remote) - Iron Key Capital
Location: Remote (Global)
About Iron Key Capital:
Iron Key Capital is an investment firm specializing in liquid and venture opportunities in the crypto space. We invest in pre-seed and seed-stage Web3 startups focused on enterprise adoption of utility-driven digital assets. Additionally, we operate a blockchain innovation lab and incubate startups within the Web3 infrastructure sector. Backed by 200+ LPs globally, Iron Key deploys over $1M annually.
Role Overview:
The Venture Fellow program is an 8-week, part-time, remote opportunity designed for individuals eager to develop their skills in venture capital and angel investing. Fellows will gain hands-on experience in early-stage investing, including deal sourcing, due diligence, and pitching investment opportunities.
This program is ideal for aspiring investors, founders, or professionals exploring a career shift into venture capital. Fellows will work closely with seasoned venture capitalists and gain access to Iron Key’s investor community to learn best practices in the field.
Key Responsibilities:
Identify and evaluate early-stage investment opportunities in the Web3 ecosystem.
Conduct market research and due diligence on potential investments.
Collaborate with the Iron Key team on deal sourcing and portfolio management.
Engage with investors and team members to develop investment strategies.
Contribute to thought leadership on topics related to venture capital and Web3 innovation.
Qualifications:
Strong analytical and problem-solving skills to evaluate investment opportunities.
Excellent communication and interpersonal skills for engaging with team members and stakeholders.
Experience in Web3, AI, or related technologies is preferred.
Involvement in startups, entrepreneurial ecosystems, or Web3 communities is a plus.
Aspiring to transition into venture capital or professionalize angel investing skills.
Bonus: Previous experience as a founder or working within early-stage startups.
Program Details:
Duration: 8 weeks (part-time)
Location: Remote
Compensation: Competitive, based on experience
How to Apply:
Submit your application through this link:
https://airtable.com/appfCDlkorF5FL3VZ/pagnjuRX1A7gZjBGc/form
Additional Information:
This program is designed to take the guesswork out of breaking into venture capital or professionalizing angel investing. Successful Fellows may have opportunities to advance into Venture Partner or Core Contributor roles at Iron Key.